[Samba] pam_winbind fails to authenticate domain users on my debian wheezy domain member servers
georg.vorlaufer at gmail.com
Thu Jan 2 16:55:27 MST 2014
Tried the template shell option with no change -- anyway my ad user entries
have loginshell and unixhomedirectory set.
I also would say that the tls options only affect the way one can connect
to the active directory domain controller via ldap(s).
Furthermore, these options are specified on the ad-dc and not on the
machine I try to ssh to.
2014/1/3 Michael Wood <esiotrot at gmail.com>
> On 02 Jan 2014 10:31 PM, "Rowland Penny" <rowlandpenny at googlemail.com>
> > On 02/01/14 19:54, Georg Vorlaufer wrote:
> >> tls enabled = yes
> >> tls keyfile = tls/raspberrypi.key
> >> tls certfile = tls/raspberrypi.crt
> >> tls cafile = tls/ca.crt
> > If adding the line above doesn't work, comment out the four lines above,
> I do not use tls and ssh works, so it may be failing here.
> > Rowland
> The tls options should not interfere with SSH at all. They allow
> connecting to Samba over LDAPS and I don't think they have anything to do
> with Kerberos.
> Michael Wood
More information about the samba